/*
 *
 * Paros and its related class files.
 * 
 * Paros is an HTTP/HTTPS proxy for assessing web application security.
 * Copyright (C) 2003-2004 Chinotec Technologies Company
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the Clarified Artistic License
 * as published by the Free Software Foundation.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * Clarified Artistic License for more details.
 * 
 * You should have received a copy of the Clarified Artistic License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */
package org.parosproxy.paros.core.scanner.plugin;

import java.io.IOException;
import java.util.regex.Pattern;

import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.parosproxy.paros.core.scanner.AbstractAppPlugin;
import org.parosproxy.paros.core.scanner.Alert;
import org.parosproxy.paros.core.scanner.Category;
import org.parosproxy.paros.network.HttpMessage;
import org.parosproxy.paros.network.HttpStatusCode;

/**
 * 
 * To change the template for this generated type comment go to Window -
 * Preferences - Java - Code Generation - Code and Comments
 */
public class TestServerSecurityDirectoryBrowsing extends AbstractAppPlugin {

	private final static Pattern patternIIS = Pattern.compile(
			"Parent Directory", PATTERN_PARAM);
	private final static Pattern patternApache = Pattern.compile(
			"\\bDirectory Listing\\b.*(Tomcat|Apache)", PATTERN_PARAM);

	// general match for directory
	private final static Pattern patternGeneralDir1 = Pattern.compile(
			"\\bDirectory\\b", PATTERN_PARAM);
	private final static Pattern patternGeneralDir2 = Pattern.compile(
			"[\\s<]+IMG\\s*=", PATTERN_PARAM);
	private final static Pattern patternGeneralParent = Pattern.compile(
			"Parent directory", PATTERN_PARAM);

	public int getId() {
		return 30010;
	}

	public String getName() {
		return "Directory browsing";
	}

	public String[] getDependency() {
		return null;
	}

	public String getDescription() {
		String msg = "It is possible to view the directory listing. Directory listing may reveal hidden "
			+ "scripts, include files , backup source files etc which be accessed to read sensitive "
			+ "information.";
		return msg;
	}

	public int getCategory() {
		return Category.SERVER;
	}

	public String getSolution() {
		String msg = "Disable directory browsing. If this is required, make sure the listed files does "
			+ "not induce risks.";
		return msg;
	}

	public String getReference() {
		String msg = "For IIS, turn off directory browsing. For Apache, use the 'Options -Indexes' directive "
			+ "to disable indexes in directory or via .htaccess file\n"
			+ "<ul><li>http://httpd.apache.org/docs/mod/core.html#options<li>"
			+ "<li>http://alamo.satlug.org/pipermail/satlug/2002-February/000053.html<li></ul>";
		return msg;
	}

	public void init() {
	}

	private void checkIfDirectory(HttpMessage msg) throws URIException {

		URI uri = msg.getRequestHeader().getURI();
		uri.setQuery(null);
		String sUri = uri.toString();
		if (!sUri.endsWith("/")) {
			sUri = sUri + "/";
		}
		msg.getRequestHeader().setURI(new URI(sUri, true));

	}

	public void scan() {

		boolean result = false;
		HttpMessage msg = getNewMsg();
		int reliability = Alert.WARNING;

		try {
			checkIfDirectory(msg);
			writeProgress(msg.getRequestHeader().getURI().toString());
			sendAndReceive(msg);

			if (msg.getResponseHeader().getStatusCode() != HttpStatusCode.OK) {
				return;
			}

			if (matchBodyPattern(msg, patternIIS, null)) {
				result = true;
			} else if (matchBodyPattern(msg, patternApache, null)) {
				result = true;
			} else if (matchBodyPattern(msg, patternGeneralParent, null)) {
				result = true;
				reliability = Alert.SUSPICIOUS;
			} else if (matchBodyPattern(msg, patternGeneralDir1, null)) {
				if (matchBodyPattern(msg, patternGeneralDir2, null)) {
					result = true;
					reliability = Alert.SUSPICIOUS;
				}
			}

		} catch (IOException e) {
		}

		if (result) {
			bingo(Alert.RISK_MEDIUM, reliability, msg.getRequestHeader()
					.getURI().toString(), "", "", msg);
		}
	}

}
